<%@ page import="java.sql.*" %>
<html>
<head>
<script type="text/javascript">
function checkForm(){
	var flag = true;
	if(document.forms[0].elements['username'].value=='' ||
			document.forms[0].elements['password'].value==''){
		alert('User name or Password field is empty');
		flag = false;
	}	
	return flag;	
}
</script>
</head>
<body BGCOLOR="#FFFFFF">
<BR><BR>
<% 
	String username = request.getParameter("username");
	String password = request.getParameter("password");
	if
	(
		request.getParameter("username")==null || request.getParameter("username")=="" ||
		request.getParameter("password")==null || request.getParameter("password")==""
	)
	{
		if(username==null)username="";
		if(password==null)password="";
	%>	
	<form action="login.jsp" method="post">
		<table align="center">
			<tr>
				<td>
					User Name:&nbsp;
				</td>
				<td>
					<input type="text" name="username" value="<%=username  %>"/>
				</td>
			</tr>
			<tr>
				<td>
					Password:&nbsp;&nbsp;
				</td>
				<td>
					<input type="password" name="password" value="<%=password %>"/>
				</td>
			</tr>
			<tr>
				<td colspan="2" align="center">
					<input type="submit" name="login" value="login" onclick="return checkForm();"/>
				</td>
			</tr>
		</table>
	</form>
<% }else{ 
	Connection conn = null;
	try
	{
		Class.forName("oracle.jdbc.driver.OracleDriver");
		conn = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:XE", "hr", "hr");
		Statement stmt = conn.createStatement();
		ResultSet rs = stmt.executeQuery("SELECT * FROM LOGIN_TRANS");
		out.println("<TABLE CELLSPACING=\"0\" CELLPADDING=\"3\" BORDER=\"1\">");
		out.println("<TR><TH>Username</TH>"); 
		out.println(" <TH>Password</TH></TR>"); 
		out.println("<TH>Role<TH/></TR>");
		out.println("<TH>Email<TH/></TR>");
		out.println("<TH>Emp_id<TH/></TR>");
		while(rs.next())
		{
			if(rs.getNString(0)==username && rs.getNString(password)== password)
			{
				out.println("<TR>");
				out.println(" <TD>" + rs.getString("USERNAME") + "</TD>");
				out.println(" <TD>" + rs.getString("PASSWORD") + "</TD>");
				out.println(" <TD>" + rs.getString("ROLE") + "</TD>");
				out.println(" <TD>" + rs.getString("EMAIL") + "</TD>");
				out.println("</TR>");
			}
		else
		{
			out.println("Invalid User");
		}
			out.println("</TABLE>");
		}
	if (rs.getInt(2)==1)
		out.println("Administrator");
	//link to menu
	else if(rs.getInt(2)==2)
		out.println("Database Entry Executive");
	else if(rs.getInt(2)==3)
		out.println("Employee");
	else
		out.println("Invalid status");
	}
		catch(SQLException e)
		{
			out.println("SQLException: " + e.getMessage() + "<BR>");
			while((e = e.getNextException()) != null)
			out.println(e.getMessage() + "<BR>");
		}
		catch(ClassNotFoundException e)
		{
			out.println("ClassNotFoundException: " + e.getMessage() + "<BR>");
		}
		finally
		{
			//Clean up resources, close the connection.
			if(conn != null)
			{
				try
				{
					conn.close();
				}
				catch (Exception ignored) {}
			}
		}
	}%>

</body>
</html>